XPE is lockeddown but how?

nicolausj
nicolausj used Ask the Experts™
on
I have several Windows XP Embedded machines that are stand alone machines that use RDP to connect to a terminal server for web browsing.

The current setup:  The XPE machines auto logon when powered on and launch the RDP file (which has a username and password in it) and the remote desktop connection is made.
This user account doesn't have the ability to use right click either.

Problem:
I need to create a new RDP connection as the limited user and save the username and password in the RDP file. I have tried creating a new RDP file as the Admin account then placing it in the limited users startup folder.... which didn't save the password.

How can I re-enable the right click to change the RDP file settings for the limited user??? I'm lost as to where this setting could be set.

I have tried: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
and looking for a NoViewContentMenu setting and found nothing
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I think that the problem here has to do with the fact that saved passwords in *.rdp-files are securely stored in a encrypted way which is also based on the sid of the user that saves the password. So if you save the Password as Administrator, only this User-Account can read the saved password. I am currently not aware of a workaround as it is generally not advised to globally save passwords on machines, but you know that for sure. ;) So i wish you good luck, maybe someone knows a workaround.

Author

Commented:
I just need to right click.... but can't figure out where or how the person who set these things up removed right clicking. They are not "part" of a domain so I know Group Policy isn't going to be where the setting is.

Author

Commented:
I have been able to disable/re-enable right click on the admin account... but not on the user account.
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Are these XP Embedded machines part of a domain? If they are, policies may be in effect only for these machines, disabling the right click, Did you check that?
What about local policies?

Cláudio Rodrigues
Citrix CTP
Also this link explains why the right click is disabled...
http://msdn.microsoft.com/en-us/library/ms838619%28WinEmbedded.5%29.aspx
From the link:
"How can I enable context menus for "right-click" functionality in the runtime?

Context menus are disabled by default. To enable them, you must change the configurable settings in the User Interface Core component. There are two check boxes related to context menus that you can modify."

So it is disabled by default.

Another link:
http://www.eggheadcafe.com/software/aspnet/30024992/settings-in-user-interfac.aspx

As I assume you are not creating the XPe images yourself, you will definitely need to contact the vendor of these devices. They will be able to help you and explain what needs to be done.

Cláudio Rodrigues
Citrix CTP

Author

Commented:
Hi tsmvp,

These stations are not part of a domain... otherwise I would have this problem fixed using Group policy.

Before I was hired the vendor who created this setup was in to "fix" a similar problem on one of the thin clients, but were unsuccessful. Now we want to change a setting in each thin clients RDP setup to access firefox instead of IE. But unless we make the change using the correct user account the RDP password is lost because of windows security...
I see. Well so it looks like someone created this XPe build for you. The only way to fix this is to use the tools used to create the build and change all that you need (enable right click, add firefox instead of IE and so on). The only person that may understand that, from what you say, is the vendor that helped you guys initially.

Cláudio Rodrigues
Citrix CTP

Author

Commented:
So I found some documentation with reguards to setting up these thin clients. I looks like they used the admin account and made registry changes to the user account...

they opened the HKEY_USER, clicked on file/load hive, selected the NTuser.dat file from the "general user" documents and settings

They then import a file, named "policies explorer" to the users software\Microsoft\CurrentVersion\Policies\explorer

They also load some other files under the same users key then they click on the Key and unload the hive.

I'm assuming "policies Explorer" is a file that was custom made, and isn't common to windows. If thats true I bet the other files that were loaded into the registry were also custom made.
Probably that is indeed the case.

Cláudio Rodrigues
Citrix CTP

Author

Commented:
Not the solution I wanted to hear but I guess it will have to do.

Author

Commented:
looks like we will live with what we have got, and when out terminal server goes, we will look for a new solution. One not involving thin clients or XPE.

Author

Commented:
not really the solution, but it is an answer.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial